﻿<?php
// Shared bootstrap. Presumably provides sisse_logitud(), mymail(), date_to_est(),
// $lang and the database connection used further down - confirm in class.base.php.
include "class.base.php";

// When sisse_logitud() returns true the visitor is sent to the front page and the
// script stops, so the reset form is never processed or shown for them.
if (sisse_logitud()) {
	header("Location: index.php");
	exit;
}

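// Password-reset handler: runs when the form's submit button ("parool") was posted.
// Looks the account up by e-mail, generates a new 10-letter password, mails it and,
// only if the mail was handed off, stores the new hash and stamps the session throttle.
// Sets $viga (error text) or $teade (success text) for the page template.
// NOTE(review): the password is replaced as soon as anyone submits a registered address;
// a confirm-by-link flow with a single-use, expiring token needs storage this file does not show.
// NOTE(review): the "not found" message differs from the success message, so the form reveals
// whether an address is registered, and the one-hour throttle lives only in the session,
// so it is not a per-account or per-address limit. Consider a server-side limit.
if (isset($_POST["parool"])) {
	// A missing or non-string field is treated as an empty address and rejected below,
	// instead of raising notices and querying for email=''.
	$email = (isset($_POST["email"]) && is_string($_POST["email"]))
		? htmlspecialchars($_POST["email"], ENT_QUOTES)
		: "";

	// htmlspecialchars() is an HTML encoder, not an SQL one (a backslash passes through),
	// so the value is additionally escaped for the query. The HTML encoding itself is kept
	// so the lookup still matches however addresses were stored - TODO confirm storage format.
	$query = ($email !== "")
		? mysql_query("SELECT * FROM kasutaja WHERE email='".mysql_real_escape_string($email)."'")
		: false;

	if (!$query || !($row = mysql_fetch_array($query))) {
		$viga = $lang["kasutajat_ei_leitud"];
	}
	// Refuse when there is no session at all, or when this session requested a reset
	// less than an hour ago. The isset() on "pwt" only avoids an undefined-index notice.
	elseif (!isset($_SESSION) || (isset($_SESSION["pwt"]) && $_SESSION["pwt"] + 3600 > time())) {
		$viga = $lang["oled_hiljuti_parooli_tellinud"];
	}
	else {
		// Ten letters A-Z from a cryptographically secure source where one exists;
		// rand() is predictable and must not be the primary source for a credential.
		$newpass = "";
		if (function_exists("random_int")) {
			while (strlen($newpass) < 10) {
				$newpass .= chr(random_int(65, 90));
			}
		}
		elseif (function_exists("openssl_random_pseudo_bytes")) {
			$bytes = (string) openssl_random_pseudo_bytes(64);
			for ($i = 0; $i < strlen($bytes) && strlen($newpass) < 10; $i++) {
				$b = ord($bytes[$i]);
				// Bytes >= 234 (9 * 26) are skipped so every letter stays equally likely.
				if ($b < 234) {
					$newpass .= chr(65 + $b % 26);
				}
			}
		}
		// Last resort on installs with neither source: the original generator.
		while (strlen($newpass) < 10) {
			$newpass .= chr(rand(65, 90));
		}

		// NOTE(review): assumes $_SESSION["lang"] is only ever set from a fixed list of
		// language codes elsewhere, since it becomes part of a file path - verify.
		$template = file_get_contents("tekstid_".$_SESSION["lang"]."/uusparool.txt");

		$replace = array("{PAROOL}", "{EESNIMI}", "{PERENIMI}", "{EMAIL}", "{AEGUB}");
		$with = array($newpass, $row["eesnimi"], $row["perenimi"], $row["email"], date_to_est($row["aegub"]));

		// The stored address is used as recipient and as UPDATE key, never the submitted
		// one: the SELECT compares under the column's collation, so a submitted string can
		// match a row without being byte-identical to the address on record.
		$stored_email = $row["email"];

		// A missing template would otherwise send an empty mail and still change the password.
		if ($template !== false && mymail($stored_email, $lang["uus_parool_kirja_pealkiri"], str_replace($replace, $with, $template))) {
			// NOTE(review): double MD5 with a static salt is a fast hash. Left unchanged because
			// the login check (not in this file) presumably computes the same value; migrate
			// both sides to password_hash()/password_verify() together.
			// NOTE(review): the UPDATE result is not checked; if it fails, the mailed password will not work.
			mysql_query("UPDATE kasutaja SET parool='".md5(md5($newpass.PASSWORD_SALT))."' WHERE email='".mysql_real_escape_string($stored_email)."'");
			$teade = $lang["parool_muudetud_saadetud"];
			$_SESSION["pwt"] = time();
		}
		else {
			$viga = $lang["email_ei_saadetud"];
		}
	}
}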

// Page title and body handed to the shared layout. kujundus.php presumably prints
// $pealkiri1 and $sisu (and any $viga / $teade set by the handler) - confirm there.
// The submit button is named "parool"; its presence in $_POST triggers the reset handler.
// NOTE(review): $lang values are interpolated into HTML without escaping; this assumes they
// are trusted translation strings. The form carries no anti-CSRF token.
$pealkiri1 = $lang['logi_sisse'];
$sisu = <<<SISU
<form action="" method="POST">
<table width="100%">
<tr><td width="100">{$lang['email']}</td><td><input type="text" name="email"></td></tr>
<tr><td></td><td><input type="submit" name="parool" value="{$lang['telli_uus_parool']}"></td></tr>
</table>
</form>
SISU;
include "kujundus.php";
?>